Bob Lord Is the DNC’s New Chief Security Officer
Credit to Author: Issie Lapowsky| Date: Thu, 25 Jan 2018 17:59:11 +0000
The Democratic National Committee has hired Bob Lord, most recently Yahoo's head of information security, to be its chief security officer—a brand new position, created in the aftermath of the historic hack by Russian operatives of the DNC's servers during the 2016 presidential campaign.
This is Lord's first foray into the world of politics, having spent his career in Silicon Valley working at companies like Twitter, AOL, and Netscape. But it's far from Lord's first stint leading a cleanup crew in the wake of an extensive and deeply damaging hack. Lord was responsible for detecting two massive data breaches that occurred prior to his arrival at Yahoo, and worked with the Federal Bureau of Investigation to track down those responsible.
"I'll be working to protect my new colleagues at the DNC from the attackers who would prefer to keep us distracted from our mission of getting Democrats across the nation elected," Lord said in a statement. "And my job doesn’t stop at the front door of the building—my team and I will work with state parties to update their information security strategies and deployments to change the economics for the attackers.” On Thursday, Lord was already meeting with state party chairs, leading a tutorial on security protocol for volunteers and new hires.
According to Raffi Krikorian, who worked with Lord at Twitter and now serves as the DNC's chief technology officer, Lord's experience dealing with the Yahoo hack was central to the committee's decision to hire him.
"There are very few people in the world who actually found foreign actors in their system and did something about it," Krikorian says.
DNC chairman Tom Perez found that background compelling as well. “When I took this job, I made it crystal clear that our organization’s cybersecurity required immediate attention and resources," Perez said in a statement to WIRED. "I’m confident Bob’s skills and hard work will help protect us against the sort of cyberattacks and intrusions that are unfortunately all too common in today’s age."
The DNC is still recovering from the hack of its servers in 2016. Russian hackers penetrated the system with a barrage of phishing emails that appeared to be from Google, encouraging DNC staffers to change their passwords. According to the Associated Press, 29 of those attempts failed. One succeeded. Internal emails which were then leaked to and published by WikiLeaks sent the committee, and arguably the country, into a chaotic spiral over Russian attempts to influence the American election.
'There are very few people in the world who actually found foreign actors in their system and did something about it.'
Raffi Krikorian, DNC
It's a kind of chaos with which Lord is all too familiar. After spending four years at Twitter, where he was the company's first dedicated security hire, Lord joined Yahoo in 2015. Just a year later, he broke the news to the world that half a billion Yahoo accounts had been exposed during a 2014 data breach. Just months later, the company disclosed the even larger 2013 breach, which Yahoo now says affected all three billion of its users. The hackers used stolen information from the Yahoo accounts to gain entry to users' Google accounts, skim credit card information, and redirect Yahoo searches for "erectile dysfunction medication" to a phony online pharmacy in what seemed to be a profit-making spam campaign. In March of 2017, the Department of Justice announced it had charged two officers of the Russian Federal Security Service and two additional accomplices with computer hacking, economic espionage, and other crimes, and credited Yahoo with helping them track down the perpetrators.
“Working closely with Yahoo and Google, Department of Justice lawyers and the FBI were able to identify and expose the hackers responsible for the conduct described today, without unduly intruding into the privacy of the accounts that were stolen," US attorney Brian Stretch said at the time.
In an interview at TechCrunch Disrupt last year, Lord described the experience of discovering the cascade of hacks as a kind of vertigo. “If you’re familiar with that effect that Alfred Hitchcock perfected—where things look like they’re sort of telescoping out. And you can still see everything but you still have this weird parallax going on,” he said. “I remember feeling that when I was putting all of the different pieces together. And that’s not a great feeling.”
'This is in my opinion one of the hardest challenges in cybersecurity.'
Raffi Krikorian
Lord's new position has clear parallels to his work securing Yahoo in the wake of the attacks. But it also differs in critical ways, says Krikorian. Unlike a major tech company, the Democratic party is essentially a nationwide network of small offices that scale up and down overnight. They also need to open their systems up to volunteers, who often work on unsecured, personal devices. "It’s an absolute nightmare," Krikorian says. "This is in my opinion one of the hardest challenges in cybersecurity."
Krikorian's team of 25 has worked hard to convince the DNC's full-time staffers that they are constantly under attack. The tech team periodically launches phishing attacks on its own staffers. It was a phishing attack, after all, that gave Russian operatives a window into the DNC's servers to begin with. One recent attack conducted by Krikorian's team used an email that appeared to be an ad for a Nordstrom sale—it elicited more clicks than Krikorian would have hoped for.
Krikorian says the committee sees "interesting traffic," everyday: repeated login attempts with incorrect passwords, odd patterns in times of usage, logins from IP addresses in places other than the Washington DC area, and at least one phony Google Hangout request that was flagged by the recipient. Lord's job, Krikorian says, is to rethink all of the organization's existing systems, from its email provider to its physical infrastructure, in order to prevent history from repeating itself.
"I've always taken the position we probably still have someone in the system. We have to have that kind of posture," Krikorian says. "I'll never claim we’re fully locked down. This is an arms race."
The US wasn't the only country Russia targeted. Here's their playbook for disrupting elections around the world
In fact, they don't just target elections; Russia has a whole toolkit at its disposal for messing with the US
Phishing your own staff might seen cruel, but it's actually critical for maintaining good security hygiene